Do you assume it's one person? What if it was 10 people? What if it was 100? What if it was 1000?
If you work a 40-hour work week, there are 2080 hours per year when you work. Over 8 years, one person working a full-time job with no overtime works 16,640 hours. If you've got 100 people working full-time for 8 years, that equates to 13 emails per hour per person. Now imagine if they work 60 hour weeks, or 80 hour weeks. 5-10 emails per hour doesn't seem all that outlandish when you're helping run a country.
Having a corporate culture/pride/ethics that would make code theft unlikely
How exactly do you propose that Microsoft force Chinese programmers to work according to their ethics? That's like MS opening a shop in Mexico and trying to explain to everyone that they no longer take naps in the middle of the work day, or opening a shop in Saudi Arabia where they get a vacation on Christmas but not Ramadan.
I've said it several times before, and I'll say it again: dealing with Chinese vendors sucks. You never know if the code is original or not.
Yeah you do. It's not.
I realized how the Chinese think when I heard about the theme park they built in Beijing a couple years ago. They had several options. The most obvious is an all-Chinese theme, Chinese culture has so much history that there are so many things they could integrate into their own theme park to make a truly unique thing. The other option that comes to mind would be to license something from Disney or someone else, then you could sell all of the official merchandise, get cuts from other things, etc.
But they didn't choose either of those options, they chose a counterfeit Disney park. Everything looks (sort of) like Disney, but it's not, and they can't sell any Disney merchandise. They could have made something truly their own, or licensed an existing brand, but they thought the best choice was to make a counterfeit product. That gave me some insight into the way things work in China.
The forms are becoming less dumb. What happens if you go to import the data and validate and find it has an error? The user is probably long gone. We need smart forms. It's odd though that our online models are moving to the offline world, if that was my client I would just tell them that the form is online, not in a PDF. I'll put a link in the PDF to launch the online form.
Indeed, errors never happened on paper forms because users never make mistakes. We should probably just go back to a paper-based model for everything. No one ever got a trojan from a paper form.
Can we never use the word "boffin" on Slashdot again please? I believe that word is a British colloquial term for "someone who uses their brain to work, but I don't understand it so I'll make up my own word". Around here we're decently intelligent, you can use a word like "mathematician" and not confuse anyone.
the whole non-redacted-data text redaction "feature"
I'm not sure if text redaction is a feature, they just drew a bunch of black rectangles over the text and them someone pointed out that that doesn't actually make the text go away, it's just under the rectangle.
Screw Acrobat, Adobe needs to fix Flash. Flash CS4 is the worst software I've ever used (I've been using Flash since Flash 5, now we're on Flash 10 and they still haven't fixed the major bugs).
Yeah, like form validation. Who needs useless fancy web 2.0 crap like form validation? I say we should all trust the user's input. Users never make mistakes.
Kind of scary with an ego that he can't admit to a mistake that small.
Considering how much press this generates, it's not exactly a small mistake. This is akin to that guy who used to promote his identify theft prevention business by putting his social security number in his ads, and then eventually getting one or more loans taken out in his name. When much of Mark's business is involved with privacy, he certainly wants to do everything possible to make it appear that the privacy policy that his company sets also works for him, but apparently it doesn't. That's not something he wants to admit.
I strongly doubt that's what he's referring to, considering that a calculator is not "a university computer system" and hacking one wouldn't warrant a visit from a federal agent.
If they search for the right string, then it should very closely approximate the number of compromised websites. The only other thing it should find are people talking about how to find the list of compromised websites.
Because of the interface between the server language and the database, not all SQL injection attacks will work on just any setup. The connection between PHP and MySQL, for example, will only execute a single query at a time. SQL Server, for example, will allow you to separate queries with a semicolon and send an entire batch.
I'm a bit puzzled as to how you would construe my first post as a "complaint". I sort of have to be a user to complain about how it works. I don't really care how it works, I find the whole tragic comedy fairly amusing.
Don't worry, Adobe is making damn sure of that. Hopefully you also enjoy attending training seminars and classes, that way you won't have to use our online courseware from the comfort of your home or office.
Sure, but do you know of any other program that will not let you save an open file to local storage if that file was opened from a network share that no longer exists? We used to have DHCP leases expiring at some point in the middle of the day, so all the Flash developers would start screaming when their IP got renewed. No one else really had much of a problem when that happened, only the Flash guys. Even the most basic text editor I've got will let me save an open file anywhere I want, regardless of how I opened it or whether or not the original file or filesystem exists anymore.
I agree. The first change they need to make is to allow Flash to work reliably over a LAN. For software whose purpose is to create internet content, it seems a little ridiculous that their official policy is to not support any type of LAN use in any context.
If anyone has Flash installed and wants to see what I'm talking about, open up Flash and use it to create or open a FLA file on a network share. With the file open, remove access to the network share. Now marvel as it's not possible to save the file anywhere, even on local storage. Even if the connection to the share gets re-established. This is how Flash has always worked, at least since I started using Flash 4, and that behavior remains in CS4 (Flash 10).
You're probably right about the codebase, but I would be equally surprised if they've owned the Flash property for this long without rewriting it, considering the glaring problems.
Do you assume it's one person? What if it was 10 people? What if it was 100? What if it was 1000?
If you work a 40-hour work week, there are 2080 hours per year when you work. Over 8 years, one person working a full-time job with no overtime works 16,640 hours. If you've got 100 people working full-time for 8 years, that equates to 13 emails per hour per person. Now imagine if they work 60 hour weeks, or 80 hour weeks. 5-10 emails per hour doesn't seem all that outlandish when you're helping run a country.
Having a corporate culture/pride/ethics that would make code theft unlikely
How exactly do you propose that Microsoft force Chinese programmers to work according to their ethics? That's like MS opening a shop in Mexico and trying to explain to everyone that they no longer take naps in the middle of the work day, or opening a shop in Saudi Arabia where they get a vacation on Christmas but not Ramadan.
I've said it several times before, and I'll say it again: dealing with Chinese vendors sucks. You never know if the code is original or not.
Yeah you do. It's not.
I realized how the Chinese think when I heard about the theme park they built in Beijing a couple years ago. They had several options. The most obvious is an all-Chinese theme, Chinese culture has so much history that there are so many things they could integrate into their own theme park to make a truly unique thing. The other option that comes to mind would be to license something from Disney or someone else, then you could sell all of the official merchandise, get cuts from other things, etc.
But they didn't choose either of those options, they chose a counterfeit Disney park. Everything looks (sort of) like Disney, but it's not, and they can't sell any Disney merchandise. They could have made something truly their own, or licensed an existing brand, but they thought the best choice was to make a counterfeit product. That gave me some insight into the way things work in China.
The forms are becoming less dumb. What happens if you go to import the data and validate and find it has an error? The user is probably long gone. We need smart forms. It's odd though that our online models are moving to the offline world, if that was my client I would just tell them that the form is online, not in a PDF. I'll put a link in the PDF to launch the online form.
Because I'm not confused by the term "mathematician" and would prefer that over "some guy who thinks for a living".
Indeed, errors never happened on paper forms because users never make mistakes. We should probably just go back to a paper-based model for everything. No one ever got a trojan from a paper form.
Can we never use the word "boffin" on Slashdot again please? I believe that word is a British colloquial term for "someone who uses their brain to work, but I don't understand it so I'll make up my own word". Around here we're decently intelligent, you can use a word like "mathematician" and not confuse anyone.
the whole non-redacted-data text redaction "feature"
I'm not sure if text redaction is a feature, they just drew a bunch of black rectangles over the text and them someone pointed out that that doesn't actually make the text go away, it's just under the rectangle.
Screw Acrobat, Adobe needs to fix Flash. Flash CS4 is the worst software I've ever used (I've been using Flash since Flash 5, now we're on Flash 10 and they still haven't fixed the major bugs).
to do useless fancy web2.0 crap.
Yeah, like form validation. Who needs useless fancy web 2.0 crap like form validation? I say we should all trust the user's input. Users never make mistakes.
That's not something you need to legislate. If it's a better feature then people will buy it, you don't need to force it on everybody.
Kind of scary with an ego that he can't admit to a mistake that small.
Considering how much press this generates, it's not exactly a small mistake. This is akin to that guy who used to promote his identify theft prevention business by putting his social security number in his ads, and then eventually getting one or more loans taken out in his name. When much of Mark's business is involved with privacy, he certainly wants to do everything possible to make it appear that the privacy policy that his company sets also works for him, but apparently it doesn't. That's not something he wants to admit.
I thought the price of freedom was a buck-oh-five.
Motion denied, you need to wait until I'm done.
Overruled.
If I fuck you while dressed like Lady Liberty, and you're dressed like Justice
I put on my robe and judge's wig.
I strongly doubt that's what he's referring to, considering that a calculator is not "a university computer system" and hacking one wouldn't warrant a visit from a federal agent.
Sorry for the typos - I'm typing on a mac.
I'm not usd to this keyboard'
Maybe you can blame that on Microsoft too, like the update that broke your Mac.
If they search for the right string, then it should very closely approximate the number of compromised websites. The only other thing it should find are people talking about how to find the list of compromised websites.
So the question stands, when the threat is this big, why is the site allowed to continue existing?
I don't know if you're bothering to test anything, but from where I stand 318x.com does not exist.
Because of the interface between the server language and the database, not all SQL injection attacks will work on just any setup. The connection between PHP and MySQL, for example, will only execute a single query at a time. SQL Server, for example, will allow you to separate queries with a semicolon and send an entire batch.
What is why XQuery and XSLT exist? Those exist because developers are free to choose JSON?
I'm a bit puzzled as to how you would construe my first post as a "complaint". I sort of have to be a user to complain about how it works. I don't really care how it works, I find the whole tragic comedy fairly amusing.
Don't worry, Adobe is making damn sure of that. Hopefully you also enjoy attending training seminars and classes, that way you won't have to use our online courseware from the comfort of your home or office.
Sure, but do you know of any other program that will not let you save an open file to local storage if that file was opened from a network share that no longer exists? We used to have DHCP leases expiring at some point in the middle of the day, so all the Flash developers would start screaming when their IP got renewed. No one else really had much of a problem when that happened, only the Flash guys. Even the most basic text editor I've got will let me save an open file anywhere I want, regardless of how I opened it or whether or not the original file or filesystem exists anymore.
I agree. The first change they need to make is to allow Flash to work reliably over a LAN. For software whose purpose is to create internet content, it seems a little ridiculous that their official policy is to not support any type of LAN use in any context.
If anyone has Flash installed and wants to see what I'm talking about, open up Flash and use it to create or open a FLA file on a network share. With the file open, remove access to the network share. Now marvel as it's not possible to save the file anywhere, even on local storage. Even if the connection to the share gets re-established. This is how Flash has always worked, at least since I started using Flash 4, and that behavior remains in CS4 (Flash 10).
You're probably right about the codebase, but I would be equally surprised if they've owned the Flash property for this long without rewriting it, considering the glaring problems.